package tgc.edu.library.security;

import java.io.IOException;
import java.util.Set;

import javax.servlet.Servlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

public class LoginSuccessHandle implements AuthenticationSuccessHandler { 
	@Override 
	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication)throws IOException { 
		Set<String> roles = AuthorityUtils.authorityListToSet(authentication.getAuthorities()); 
		
		//获取到登陆者的权限，然后做跳转 
		if (roles.contains("ROLE_ADMIN") || roles.contains("ROLE_BOOKADMIN")){ 
			response.sendRedirect("/library/main"); 
			return; 
		}else if (roles.contains("ROLE_READER")){ 
			response.sendRedirect("/library/welcome");
			return; 
		}else { 
			response.sendRedirect("/403"); 
		} 
	} 
}
